I'm not sure what you think I'm dodging. If you're referring to the first portion of my last post, I'm not dodging anything; I'm clearing up a miscommunication, one that I think renders the discussion moot.

I looked; the cases in question aren't well referenced online, as they are mostly small, local cases in WA state. I'd need to obtain paper copies from the security managers at local Target stores (who I'm friends with, as an aside, which is why this isn't completely and totally out of the way).

Alternately, I can just ask them for case numbers, and you can do the online digging yourself.

Edit to add: I'll re-check the LOC when I have case numbers and/or the name of both parties, but my first look didn't turn anything up.

Are you basing your position entirely on your own interpretation of a ruling made in local courts, the results of which are available solely through "copies from a friend who works at Target"?

This is a question, not a critique._________________All our final decisions are made in a state of mind that is not going to last. - Marky Mark Proust

I looked; the cases in question aren't well referenced online, as they are mostly small, local cases in WA state. I'd need to obtain paper copies from the security managers at local Target stores (who I'm friends with, as an aside, which is why this isn't completely and totally out of the way).

Alternately, I can just ask them for case numbers, and you can do the online digging yourself.

Edit to add: I'll re-check the LOC when I have case numbers and/or the name of both parties, but my first look didn't turn anything up.

Are you basing your position entirely on your own interpretation of a ruling made in local courts, the results of which are available solely through "copies from a friend who works at Target"?

This is a question, not a critique.

Yes, my position regarding the legality of a corporation searching and detaining customers against their will is largely based on the experiences of Target security managers, which include information on company policy, anecdotal evidence and successful court cases.

That was an expansion & clarification, not an attempt at defending myself.

Google and most other websites can be used without e-signing an agreement; however, in using the website you are passively agreeing to abide by the website's Terms of Service.

The very first thing the Google Terms of Service wrote:

Quote:

Welcome! By using Google's search engine or other Google services ("Google Services"), you agree to be bound by the following terms and conditions (the "Terms of Service").

Hence, in using the service, you are signing away certain rights you might otherwise be entitled to. This includes, in many cases, the use of personal information obtained by the company in the course of your use of Google's service. In agreeing to the Google Terms of Service, you are agreeing that you acknowledge their Privacy Policy...

You see, quite clearly, that an assumption of "forfeiture of rights" as an implicit requirement of "using our superawsomeandinnowayubiquitous service" is in no way binding, in and of itself. The terms must be within bounds considered "reasonable" by the "common user." Those I listed obviously are not. Further, one could very pointedly argue that, particularly in consideration of the complete lack of an open and obvious and actually straight-forward disclaimer, there is a reasonable assumption of anonymity on the part of the user. This is only increased by the ubiquity of Google's services (it has become a common-use VERB, for god's sake!).

According to your logic, the janitor at my local Dairy Queen has the right to rifle through my wallet.

[drunk points +1!]_________________All our final decisions are made in a state of mind that is not going to last. - Marky Mark Proust

You see, quite clearly, that an assumption of "forfeiture of rights" as an implicit requirement of "using our superawsomeandinnowayubiquitous service" is in no way binding, in and of itself. The terms must be within bounds considered "reasonable" by the "common user." Those I listed obviously are not. Further, one could very pointedly argue that, particularly in consideration of the complete lack of an open and obvious and actually straight-forward disclaimer, there is a reasonable assumption of anonymity on the part of the user. This is only increased by the ubiquity of Google's services (it has become a common-use VERB, for god's sake!).

First: there's a clear difference between Google's use of user data (not legislated) and the example used (illegal and/or unenforcable); I understand you're exaggerating to demonstrate a point, but it's important to note that Google's use of user data has not been legislated against, either directly or by sufficient precedent, and they've been (and continue to be) given the green light by the ISACA. Even in the current AOL extravaganza, Google is in the clear despite all of the information AOL misdistributed being Google users' search information, as they're in full compliance with legal precedents regarding the protection and distribution of user information, most notably the Sarbanes-Oxley Act and, by extension, COBIT (though the latter primarily governs protection, not distribution).

The terms are not infinitely binding, but why must the bounds be considered "reasonable" by the "common user?" Logically, yes, the bounds must be considered reasonable in order for a corporation to succeed, but the laws regarding information distribution (and many other aspects of corporate practice) do not universally legislate against deceptive business practices.

I maintain any assumption of anonymity on the part of the user is unfounded. In an age where identity theft horror stories abound, a Google search for a telephone number can bring up everything from pictures of their kid to a satellite photo of their house, where companies who demonstrate a committment to "protecting your privacy" are flocked to, I'm continually amazed that people 1) don't know what information they're making available and don't bother to find out, and 2) automatically assume that companies will not use every legal (and, sometimes, illegal) means at their disposal to make money.

Maybe I'm just a pessimist.

Quote:

According to your logic, the janitor at my local Dairy Queen has the right to rifle through my wallet.

If their policy is to allow their janitors to do so, yes - unless precedent has rendered it illegal. In the case of Google obtaining, organizing, using and distributing (note: not selling) user information, no precedent has done so.

And I'd love to know how people wants a search engine to work as good as google without indexing the searches to learn about them.

They can index the searches without any personally identifying information, though. Even if they want to associate all the searches done in one session, the linking identifier does not need to lead back to a specific individual. This will allow the search engine providers the ability to leverage the data without compromising privacy._________________The universe we observe has precisely the properties we should expect if there is, at bottom, no design, no purpose, no evil, no good, nothing but blind, pitiless indifference.
- Charles Darwin

And I'd love to know how people wants a search engine to work as good as google without indexing the searches to learn about them.

They can index the searches without any personally identifying information, though. Even if they want to associate all the searches done in one session, the linking identifier does not need to lead back to a specific individual. This will allow the search engine providers the ability to leverage the data without compromising privacy.

The information leaked by AOL contained no directly personally identifying information. They correlated the search data by assigning a unique number to each user; the complaints are from customers whose search data makes them personally identifiable (e.g. they searched their own name, address, social security number, etc.). Hence their searches may (and, apparently, did) included things like "John+Smith" and then also "buy+ecstacy" or "pictures+of+murder+victims" or "20+minute+gun+point+rape+video."

And I'd love to know how people wants a search engine to work as good as google without indexing the searches to learn about them.

They can index the searches without any personally identifying information, though. Even if they want to associate all the searches done in one session, the linking identifier does not need to lead back to a specific individual. This will allow the search engine providers the ability to leverage the data without compromising privacy.

The information leaked by AOL contained no directly personally identifying information. They correlated the search data by assigning a unique number to each user; the complaints are from customers whose search data makes them personally identifiable (e.g. they searched their own name, address, social security number, etc.). Hence their searches may (and, apparently, did) included things like "John+Smith" and then also "buy+ecstacy" or "pictures+of+murder+victims" or "20+minute+gun+point+rape+video."

I see what you're saying. OTOH, searching on a name doesn't mean that it is the name of the searcher. If I were looking for my long lost high school friend, Joe Bagg, that doesn't mean that Joe Bagg is the one doing the search.

I've never really stopped to pay attention, but I've probably googled more names of other people than my own.

My point is that it should be acceptable for search engine providers to store indexes of searches. Legislating against this a waste. I wouldn't oppose a requirement that any index or archiving of searches be stripped of externally identifying information.

If your foolish enough to search for your own name, then in the same session search for "child pornography", well . . ._________________The universe we observe has precisely the properties we should expect if there is, at bottom, no design, no purpose, no evil, no good, nothing but blind, pitiless indifference.
- Charles Darwin

the fact that you believe that no information that you can enter into a search engine can provide another party a solid clue as to your likely identity is absolutely news to me; first i've heard of it.

the fact that you believe that no information that you can enter into a search engine can provide another party a solid clue as to your likely identity is absolutely news to me; first i've heard of it.

that belief also does not seem solidly based in reality.

You're (probably deliberately) misinterpretting what I said. I never said I believe the above;

I wrote:

Searched-for terms are not directly identifying personal information regardless of what they contain...

Searched-for terms do not qualify as directly identifying information. In anonymously compiling and releasing your search terms, Google is not readily releasing your name, social security number, credit card number, address, billing information, etc. in a manner prescribed against by their privacy policy. Their policy makes it crystal clear that they will compile and engage in limited sharing of your search information; if you elect to put information in your search terms that can be traced back to you, it's no longer a direct dissemination on the part of Google.

I've really tried to have this discussion with you, Tom, but you seem hell bent on being a jerk about it. You've repeatedly refused to address what I've said in good faith.

For the record, andrew's right. The "reasonable expectation of privacy" has a lot of caveats. Anything you do in public, or in view of the public, for instance, is not private. Likewise, current law on the 4th amendment provides that any time you give information to a third party (such as a computer technician, repair person, store or website) you no longer have an expectation of privacy._________________"Worse comes to worst, my people come first, but my tribe lives on every country on earth. Iíll do anything to protect them from hurt, the human race is what I serve." - Baba Brinkman